Medium severity5.3GHSA Advisory· Published Apr 25, 2024· Updated Apr 15, 2026
CVE-2024-0874
CVE-2024-0874
Description
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/coredns/corednsGo | < 1.11.2 | 1.11.2 |
Affected products
39- osv-coords38 versionspkg:apk/chainguard/cloudflaredpkg:apk/chainguard/consul-1.15pkg:apk/chainguard/consul-1.15-oci-entrypointpkg:apk/chainguard/consul-1.15-oci-entrypoint-compatpkg:apk/chainguard/consul-1.16pkg:apk/chainguard/consul-1.16-oci-entrypointpkg:apk/chainguard/consul-1.16-oci-entrypoint-compatpkg:apk/chainguard/consul-1.17pkg:apk/chainguard/consul-1.17-fipspkg:apk/chainguard/consul-1.17-fips-oci-entrypointpkg:apk/chainguard/consul-1.17-fips-oci-entrypoint-compatpkg:apk/chainguard/consul-1.17-oci-entrypointpkg:apk/chainguard/consul-1.17-oci-entrypoint-compatpkg:apk/chainguard/corednspkg:apk/chainguard/coredns-compatpkg:apk/chainguard/coredns-fipspkg:apk/chainguard/juicefs-1.2pkg:apk/chainguard/juicefs-1.2-compatpkg:apk/chainguard/juicefs-1.3pkg:apk/chainguard/juicefs-1.3-compatpkg:apk/chainguard/kubernetes-dns-node-cachepkg:apk/chainguard/kuma-corednspkg:apk/wolfi/cloudflaredpkg:apk/wolfi/consul-1.15pkg:apk/wolfi/consul-1.15-oci-entrypointpkg:apk/wolfi/consul-1.15-oci-entrypoint-compatpkg:apk/wolfi/consul-1.16pkg:apk/wolfi/consul-1.16-oci-entrypointpkg:apk/wolfi/consul-1.16-oci-entrypoint-compatpkg:apk/wolfi/corednspkg:apk/wolfi/coredns-compatpkg:apk/wolfi/juicefs-1.3pkg:apk/wolfi/juicefs-1.3-compatpkg:apk/wolfi/kubernetes-dns-node-cachepkg:apk/wolfi/kuma-corednspkg:golang/github.com/coredns/corednspkg:rpm/opensuse/coredns&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/coredns&distro=SUSE%20Package%20Hub%2015%20SP6
< 2024.1.0-r9+ 37 more
- (no CPE)range: < 2024.1.0-r9
- (no CPE)range: < 1.15.11-r2
- (no CPE)range: < 1.15.11-r2
- (no CPE)range: < 1.15.11-r2
- (no CPE)range: < 1.16.7-r3
- (no CPE)range: < 1.16.7-r3
- (no CPE)range: < 1.16.7-r3
- (no CPE)range: < 1.17.4-r3
- (no CPE)range: < 1.17.4-r4
- (no CPE)range: < 1.17.4-r4
- (no CPE)range: < 1.17.4-r4
- (no CPE)range: < 1.17.4-r3
- (no CPE)range: < 1.17.4-r3
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.11.3-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.23.0-r7
- (no CPE)range: < 0
- (no CPE)range: < 2024.1.0-r9
- (no CPE)range: < 1.15.11-r2
- (no CPE)range: < 1.15.11-r2
- (no CPE)range: < 1.15.11-r2
- (no CPE)range: < 1.16.7-r3
- (no CPE)range: < 1.16.7-r3
- (no CPE)range: < 1.16.7-r3
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.23.0-r7
- (no CPE)range: < 0
- (no CPE)range: < 1.11.2
- (no CPE)range: < 1.11.3-bp156.4.3.1
- (no CPE)range: < 1.11.3-bp156.4.3.1
Patches
Vulnerability mechanics
References
11- github.com/advisories/GHSA-m9w6-wp3h-vq8gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-0874ghsaADVISORY
- access.redhat.com/errata/RHSA-2024:0041nvdWEB
- access.redhat.com/errata/RHSA-2024:4850nvdWEB
- access.redhat.com/errata/RHSA-2024:6009nvdWEB
- access.redhat.com/errata/RHSA-2024:6406nvdWEB
- access.redhat.com/security/cve/CVE-2024-0874nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/coredns/coredns/commit/997c7f953962d47c242273f0e41398fdfb5b0151ghsaWEB
- github.com/coredns/coredns/issues/6186nvdWEB
- github.com/coredns/coredns/pull/6354nvdWEB
News mentions
0No linked articles in our index yet.